diff options
| author | Lasse Collin <lasse.collin@tukaani.org> | 2023-10-09 18:13:08 +0300 |
|---|---|---|
| committer | Lasse Collin <lasse.collin@tukaani.org> | 2023-10-22 19:03:52 +0300 |
| commit | 2e2cd11535ad77364cf021297e0b3f162fa3a3d0 (patch) | |
| tree | 4623ea1dc5da7596b1f5d2de885b466f9bf45a1f /src | |
| parent | xz/Windows: Allow clock_gettime with POSIX threads. (diff) | |
| download | xz-2e2cd11535ad77364cf021297e0b3f162fa3a3d0.tar.xz | |
Simplify detection of Capsicum support.
This removes support for FreeBSD 10.0 and 10.1 which used
<sys/capability.h> instead of <sys/capsicum.h>. Support for
FreeBSD 10.1 ended on 2016-12-31. So now FreeBSD >= 10.2 is
required to enable Capsicum support.
This also removes support for Capsicum on Linux (libcaprights)
which seems to have been unmaintained since 2017 and Linux 4.11:
https://github.com/google/capsicum-linux
Diffstat (limited to 'src')
| -rw-r--r-- | src/xz/Makefile.am | 2 | ||||
| -rw-r--r-- | src/xz/file_io.c | 14 | ||||
| -rw-r--r-- | src/xz/private.h | 2 |
3 files changed, 7 insertions, 11 deletions
diff --git a/src/xz/Makefile.am b/src/xz/Makefile.am index 4bc64f36..34b3c598 100644 --- a/src/xz/Makefile.am +++ b/src/xz/Makefile.am @@ -53,7 +53,7 @@ xz_CPPFLAGS = \ -I$(top_srcdir)/src/liblzma/api \ -I$(top_builddir)/lib -xz_LDADD = $(top_builddir)/src/liblzma/liblzma.la $(CAPSICUM_LIB) +xz_LDADD = $(top_builddir)/src/liblzma/liblzma.la if COND_GNULIB xz_LDADD += $(top_builddir)/lib/libgnu.a diff --git a/src/xz/file_io.c b/src/xz/file_io.c index 55652c53..5a7d317f 100644 --- a/src/xz/file_io.c +++ b/src/xz/file_io.c @@ -29,12 +29,8 @@ static bool warn_fchown; # include <utime.h> #endif -#ifdef HAVE_CAPSICUM -# ifdef HAVE_SYS_CAPSICUM_H -# include <sys/capsicum.h> -# else -# include <sys/capability.h> -# endif +#ifdef HAVE_CAP_RIGHTS_LIMIT +# include <sys/capsicum.h> #endif #include "tuklib_open_stdxxx.h" @@ -214,8 +210,8 @@ io_sandbox_enter(int src_fd) // characters have been loaded. This is needed at least with glibc. tuklib_mbstr_width(dummy_str, NULL); -#ifdef HAVE_CAPSICUM - // Capsicum needs FreeBSD 10.0 or later. +#ifdef HAVE_CAP_RIGHTS_LIMIT + // Capsicum needs FreeBSD 10.2 or later. cap_rights_t rights; if (cap_enter()) @@ -266,7 +262,7 @@ io_sandbox_enter(int src_fd) return; error: -#ifdef HAVE_CAPSICUM +#ifdef HAVE_CAP_RIGHTS_LIMIT // If a kernel is configured without capability mode support or // used in an emulator that does not implement the capability // system calls, then the Capsicum system calls will fail and set diff --git a/src/xz/private.h b/src/xz/private.h index 8542427f..ddcc103c 100644 --- a/src/xz/private.h +++ b/src/xz/private.h @@ -52,7 +52,7 @@ # define STDERR_FILENO (fileno(stderr)) #endif -#if defined(HAVE_CAPSICUM) || defined(HAVE_PLEDGE) +#if defined(HAVE_CAP_RIGHTS_LIMIT) || defined(HAVE_PLEDGE) # define ENABLE_SANDBOX 1 #endif |